<?php	require_once(dirname(__FILE__).'/inc/config.inc.php');IsModelPriv('member_list');

/*
**************************
(C)2010-2015 phpMyWind.com
update: 2014-5-30 17:16:14
person: Feng
**************************
*/


//初始化参数
$tbname = '#@__member';
$gourl  = 'member.php';
$action = isset($action) ? $action : '';

//引入操作类
//require_once(ADMIN_INC.'/action.class.php');


//添加会员
if($action == 'add')
{	
	IsModelPriv('member','add','',$username);
	if(!isset($enteruser)) $enteruser = '';

	if(preg_match("/[^0-9a-zA-Z_@!\.-]/",$username) || preg_match("/[^0-9a-zA-Z_@!\.-]/",$password))
	{
		ShowMsg('用户名或密码非法！请使用[0-9a-zA-Z_@!.-]内的字符！','-1');
		exit();
	}
	if($password != $repassword)
	{
		ShowMsg('两次输入的密码不一样！','-1');
		exit();
	}

	$r = $dosql->GetOne("SELECT username FROM `$tbname` WHERE username='$username'");
	if(!empty($r['username']))
	{
		ShowMsg('用户名已存在！','-1');
		exit();
	}
	//根据经验获得用户组   已废弃
/* 	$dosql->Execute("SELECT * FROM `#@__usergroup`");
		while($row2 = $dosql->GetArray())
		{
			if($expval >= $row2['expvala'] and$expval <= $row2['expvalb'])  
			{
				$groupid = $row2['id'];
			}
		} */
		
	$password = md5(md5($password));
	$regtime  = GetMkTime($regtime);
	$regip    = GetIP();

	$sql = "INSERT INTO `$tbname` (username, password, nickname,email,mobile, enteruser, expval, modelid,groupid,integral, regtime, regip) VALUES ('$username', '$password', '$nickname','$email','$mobile','$enteruser', '1', '$modelid','$groupid','$integral', '$regtime', '$regip')";
	if($dosql->ExecNoneQuery($sql))
	{
		header("location:$gourl");
		exit();
	}
}


//修改会员信息
else if($action == 'update')
{
	IsModelPriv('member','update','',$username);
	
	if(!isset($enteruser)) $enteruser = '';

	if($password != $repassword)
	{
		ShowMsg('两次输入的密码不一样！','-1');
		exit();
	}

	//删除头像
	if(!empty($delavatar))
	{
		$avatarsize = array(1 => 'big', 2 => 'middle', 3 => 'small');
		foreach($avatarsize as $size)
		{
			file_exists(PHPMYWIND_DATA.'/avatar/'.get_avatar_filepath($id,$size)) &&
			unlink(PHPMYWIND_DATA.'/avatar/'.get_avatar_filepath($id,$size));
		}
	}
	//会员自定义字段处理
	$fieldname  = '';
	$fieldvalue = '';
	$fieldstr   = '';

	//$ids = GetDiyFieldCatePriv('1',$classid);
	if($oldmodelid==$modelid)
	{
		$dosql->Execute("SELECT * FROM `#@__userfield` WHERE infotype=$modelid AND checkinfo=true ORDER BY orderid ASC");
		while($row = $dosql->GetArray())
		{
			$k = $row['fieldname'];
			$v = '';
			if(isset($_POST[$row['fieldname']]))
			{
				if(is_array($_POST[$row['fieldname']]))
				{
					foreach($_POST[$row['fieldname']] as $post_value)
					{
						if(@!get_magic_quotes_gpc())
    					{
							$v[] = addslashes($post_value);
						}
						else
						{
							$v[] = $post_value;
						}
					}
				}
				else
				{
					if(@!get_magic_quotes_gpc())
					{
						$v = addslashes($_POST[$row['fieldname']]);
					}
					else
					{
						$v = $_POST[$row['fieldname']];
					}
				}
			}
			else
			{
				$v = '';
			}

			if(!empty($row['fieldcheck']))
			{
				if(!preg_match($row['fieldcheck'], $v))
				{
					ShowMsg($row['fieldcback']);
					exit();
				}
			}

			if($row['fieldtype'] == 'datetime')
			{
				$v = GetMkTime($v);
			}

			if($row['fieldtype'] == 'fileall')
			{
				$vTxt = isset($_POST[$row['fieldname'].'_txt']) ? $_POST[$row['fieldname'].'_txt'] : '';

				if(is_array($v) &&
				   is_array($vTxt))
				{
					$vNum = count($v);
					$vTmp = '';

					for($i=0;$i<$vNum;$i++)
					{
						if(@!get_magic_quotes_gpc())
						{
							$vTmp[] = $v[$i].','.addslashes($vTxt[$i]);
						}
						else
						{
							$vTmp[] = $v[$i].','.$vTxt[$i];
						}
					}

					$v = serialize($vTmp);
				}
			}

			if($row['fieldtype'] == 'checkbox')
			{
				@$v = implode(',',$v);
			}

			$fieldname  .= ", $k";
			$fieldvalue .= ", '$v'";
			$fieldstr   .= ", $k='$v'";
		}
	}
		//根据经验改变非认证会员用户组
		if($enteruser!=1 && $groupid>1){
			$dosql->Execute("SELECT * FROM `#@__usergroup`");
			while($row2 = $dosql->GetArray())
			{
				if($expval >= $row2['expvala'] and $expval <= $row2['expvalb'])  
				{
					$groupid = $row2['id'];
				}
			}
		}
	
	//获取会员模型表
	$m = $dosql->GetOne("SELECT modeltbname FROM `#@__usermodel` WHERE `id`='$modelid'");
	$mtbname = $m['modeltbname'];
	$dosql->ExecNoneQuery("DELETE FROM `$mtbname` WHERE `id`=$id");
	$dosql->ExecNoneQuery("INSERT INTO `$mtbname` (id {$fieldname}) VALUES ($id {$fieldvalue})");

	$sql = "UPDATE `$tbname` SET ";
	if($password != '')
	{
		$password = md5(md5($password));
		$sql .= "password='$password', ";
	}
	$sql .= "nickname='$nickname', email='$email', mobile='$mobile', enteruser='$enteruser', expval='$expval',modelid='$modelid',groupid='$groupid', integral='$integral',amount='$amount', checkinfo='$checkinfo' WHERE id=$id";


	if($dosql->ExecNoneQuery($sql))
	{	
		header("location:$gourl");
		exit();
	}
}

//删除单条记录
else if($action == 'del')
{	
	$r = $dosql->GetOne("SELECT `username` FROM `#@__member` WHERE `id`=$id");
	IsModelPriv('member','del','',$r['username']);
	
	$dosql->ExecNoneQuery("DELETE FROM `#@__member` WHERE id=$id");
	header("location:$gourl");
	exit();
}

//删除多条记录
else if($action == 'delall')
{

	foreach($checkid as $k => $v)
		{
			$r = $dosql->GetOne("SELECT `username` FROM `#@__member` WHERE `id`=$v");
			IsModelPriv('member','del','',$r['username']);
			$dosql->ExecNoneQuery("DELETE FROM `#@__member` WHERE id=$v");
		}
			header("location:$gourl");
	exit();
}

//移除绑定QQ
else if($action == 'removeoqq')
{
	$dosql->ExecNoneQuery("UPDATE `#@__member` SET `qqid`='' WHERE `id`='$id'");
	Msg('解除QQ绑定成功！','member_update.php?id='.$id,'icon:1');
	exit();
}


//移除绑定微博
else if($action == 'removeoweibo')
{
	$dosql->ExecNoneQuery("UPDATE `#@__member` SET `weiboid`='' WHERE `id`='$id'");
	Msg('解除微博绑定成功！','member_update.php?id='.$id,'icon:1');
	exit();
}


//无条件返回
else
{
    header("location:$gourl");
	exit();
}
?>
